Patent · US Expired

Method and apparatus for detecting malicious code in an information handling system

US7748039B2 · kind B2 · utility

Cited by: 12
References: 22
Claims: 54
Family size: 0

Assignee

Inventors

Key dates

Filing date: Aug 30, 2002
Grant date: Jun 29, 2010
Priority date
Expiry date: Aug 29, 2025

Classification

  • Technology area (CPC G): Physics
  • CPC primary: G06F21/566
  • WIPO field: Computer technology
  • WIPO sector: Electrical engineering

Abstract

A method for detecting malicious code on an information handling system includes executing malicious code detection code (MCDC) on the information handling system. The malicious code detection code includes detection routines. The detection routines are applied to executable code under investigation running on the information handling system during the execution of the MCDC. The detection routines associate weights to respective executable code under investigation in response to detections of a valid program or malicious code as a function of respective detection routines. Lastly, executable code under investigation is determined a valid program or malicious code as a function of the weights associated by the detection routines. Computer-readable media and an information handling system are also disclosed.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.